live chat
IT Security Architect Job in Cleveland, Ohio US

IT Security Architect

The Sherwin-Williams Company - Cleveland, OH

Posted: 1/24/2020 - Expires: 4/23/2020

Job ID: 215333410

Job Description

Founded in 1866, The Sherwin-Williams Company is a global leader in the manufacture, development, distribution, and sale of paints, coatings and related products to professional, industrial, commercial, and retail customers. The company manufactures products under well-known brands such as Sherwin-Williams, Valspar, HGTV HOME by Sherwin-Williams, Dutch Boy, Krylon, Minwax, Thompson's Water Seal, Cabot and many more. Sherwin-Williams branded products are sold exclusively through a chain of more than 4,100 company-operated stores and facilities, while the company's other brands are sold through leading mass merchandisers, home centers, independent paint dealers, hardware stores, automotive retailers, and industrial distributors. The company supplies a broad range of highly-engineered industrial and OEM coatings for wood and general industrial, coil, packaging, protective and marine, and transportation applications worldwide. Our 60,000 employees are diverse, innovative and passionate. With a variety of rewarding and challenging opportunities, Sherwin-Williams is a great place to find a career that takes you places.

The IT Security Architect's core function is to support the Sr. Director, Information Security and Data Privacy in designing a comprehensive ecosystem to effectively mitigate technology risk.  These goals are interrelated with the business goals of the company and the risk appetite.  This position coordinates projects with their initiation, development, and solution of problems with the interdepartmental and interdivisional related systems.  Key partners are enterprise architecture, strategy and governance, information technology and line of business leaders. The position will also coordinate research efforts around new capabilities and assist in prioritizing integration opportunities.

Essential Functions
Strategy & Planning

Participate in the planning and design of enterprise security architecture, under the direction of the Sr. Director, Information Security and Data Privacy, where appropriate.
Serve as primary departmental interface for technical security architecture for both strategy and enterprise architecture teams
Coordinate and prioritize opportunities for consolidation and integration across security service families
Develop strategies to implement systems and infrastructure required to interface and integrate business activities within and between departments and divisions.
Provide leadership for special projects.
Lead the planning, design, development and effectuation of improvements with focus on simplification and optimization processes.
Provide architectural expertise, direction, and assistance to Systems Analysts, Systems Engineers, other Systems Architects and Senior Architects.
Work with security leadership to coordinate roadmap delivery and timing from vendors.
Set research objectives for the department in conjunction with leadership team.
Recommend wants/needs for the annual budgeting process in IT Infrastructure technologies.

Acquisition & Deployment

Lead technology life-cycle projects including technology evaluation, selection, implementation, support and retirement/replacement.
Assist in developing Sherwin-Williams standards for technology deployment.
Document the company's existing systems architecture and technology portfolio; make recommendations for improvements and/or alternatives.
Provide guidance to the technical deployment of new systems, releases, versions and maintenance modifications to systems software.

Operational Management

Perform strategic analysis; apply advanced principles, theories, and concepts to resolution of problems.
Interact with all levels of customers, users, and vendors, including executive management, technical personnel, and contractors.
Lead in capacity planning and performance management activities.
Establish and communicate design and architecture standards via mentoring, technical presentations, and white papers.
Provide input to the development of service level goals and objectives for the team.
Assist in development and preparation of metrics.
Identify opportunities to improve service levels and/or minimize support efforts.
Mentor and/or provide guidance on technical topics as requested.

Incidental Functions

Provide security analysis and consultation services for product, system and network architecture designs.
Assist with other projects as may be required to contribute to efficiency and effectiveness of the group.
10% travel as required
Work outside the standard office 7.5 hour workday may be required with on-call availability.

Position Requirements
Formal Education & Certification

Bachelor's degree or foreign equivalent in related field or equivalent experience.
Preferred CISSP, GIAC, or CompTIA Security+

Knowledge & Experience

14+ years IT experience.
8+ years experience designing, developing, implementing systems.
6+ years experience in enterprise and/or solutions architecture and architectural frameworks.

7+ years of architectural or managerial leadership
Demonstrated ability to analyze existing technical architectures and recommend and implement alternatives with regard to tools, technologies, and approaches to their use.
Knowledge of vendor software integration and interaction patterns.
Knowledge of COTS evaluation principles and practices.

Proven experience in planning, organizing, and developing IT security and facility security system technologies.
Ability to identify and implement solutions to complex business problems

Experience in implementing technology or managing teams responsible for two of more of the following areas

Application Security

Dynamic and static scanners, such as Qualys, Veracode, and HP Webinspect.
Remediating Open Web Application Security Project(OWASP) Top 10 vulnerabilities
All phases of the software development lifecycle (SDLC)
Application vulnerability assessments and vulnerability remediation
Application penetration assessment and testing.
Web application firewalls

Network Security

Intrusion Prevention System (IPS)/Intrusion Detection Systems (IDS)
Firewall security management and auditing tools such as Algosec or Tufin
Network Access Control tools such as Cisco ISE or Forescout
Web proxy technology
Network traffic analysis, system forensics, dynamic and static malware analysis, signature generation, etc.
Virtual Private Networks
Network Segmentation

Identity and Access Management

Public Key Infrastructure (PKI) and certificate management
Identity Governance and provisioning
Single Sign On and Access Federation
Multi Factor Authentication
Privileged Access Management

Security Operations

Playbook development
Incident Response planning and execution
Security Information and Event Management (SIEM)
Security Orchestration and Automation Response (SOAR)
Vulnerability Management Program

Data and Endpoint Security

Data Loss Prevention (DLP) solutions -Host, Network, Cloud Access Security Broker and Mail gateway.
Enterprise compromise assessments and remediation
Configuration hardening
Endpoint Detection and Response, User Entity and Behavioral Analytics and Antivirus

Personal Attributes

Ability to set and manage priorities.
Excellent written and oral communication skills.
Excellent interpersonal skills.
Ability to present ideas in business-friendly and user-friendly language.
Exceptionally self-motivated and directed.
Keen attention to detail.
Superior analytical, evaluative, and problem-solving abilities.
Exceptional service orientation.
Ability to motivate in a team-oriented, collaborative environment.

Must be legally authorized to work in country of employment without sponsorship for employment visa status now or in the future.

Equal Opportunity Employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, citizenship status, marital status, or any other consideration prohibited by law or contract.VEVRAA Federal Contractor requesting priority referral of protected veterans.

Sherwin-Williams is proud to be an Affirmative Action, Equal Employment Opportunity, Inclusion and Diversity Supportive Employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identify, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

VEVRAA Federal Contractor requesting priority referral of protected veterans.

Job Summary

Employment Type:
Full Time Employee
Job type:
Federal Contractor
Skill Based Partner:
Education Level:
Bachelor's degree
Work Days:
Mon, Tue, Wed, Thu, Fri
Job Reference Code
Licenses / Certifications:
Display Recommended WorkKeys®Recommended WorkKeys®: